Keeping your system and data secure can be a daunting task, but there are a wide range of tools available to help with the process. In this article I hope to sort out some of these issues and suggest some good programs to help with your security needs.

Required Software

At a minimum, a PC needs to have anti-virus, firewall, and anti-spyware software installed, up-to-date, and running.

Optional Software

Though optional, users can benefit from file shredders, encryption services, password tools, port scanners, and other tools.

Firewall

Within a few minutes of connecting a new PC to the internet, it can come under attack from other computers scanning for unprotected systems to hijack. A firewall will protect PCs from these attacks.

Another problem is software installed on your PC that attempts to connect other computers on the internet for whatever reason. Most of the time this is okay, but once in a while it is not. For instance, it’s okay when an email program such as Mozilla Thunderbird or Outlook Express attempts to contact your email provider to download or send email, but it might not be okay when an unknown program suddenly decides to contact an unknown system on the Internet. Could be an undected virus or simply a program you’ve installed that’s trying to send tracking data the software developer (which you might or might not want to happen). Firewalls can block unwanted activity and selectively allow only those connections which you determine are valid.

Zone Alarm is a good firewall with a free version available. Another good firewall is Kerio Personal Firewall, also free.

Anti-virus

If you read email or download anything or even visit certain websites, you run the risk of a virus being transferred to your computer. Some are harmless, but usually they’re malicious in one way or another. Anti-virus software can help protect your computer from “infection” and find and remove already-present viruses. They must be regularly updated, to stay abreast of the latest viruses (new ones appear daily).

While there are large, expensive anti-virus solutions, GriSoft’s free version of AVG Anti-virus software is well-respected and effective. A side benefit is that it isn’t overly burdensome to system performance.

Other anti-virus solutions
avast! — home edition is free with registration.
AntiVir — a free version is available for non-commercial use. Good but no email scanner.

Fighting Spyware

Spyware (or adware, or malware, or various other names for junk installed on your computer with the intention of hijacking your web browser or snooping on you) — it ends up on your computer by visiting websites that force the software to your computer through flaws in Internet Explorer, or if you install software that also installs spyware.

The first step in protecting against spyware is to stop using Internet Explorer and switch to Mozilla Firefox. Next, download, install, and use one or more spyware scanners.

Lavasoft’s Ad-Aware and Spybot Search-and-Destroy are both available in free versions and have long been recognized as the products to use. In fact, it’s often recommended to use both of them. Both are good, but each have their strengths.

A third option is Microsoft’s new AntiSpyware product, which includes resident spyware scanning (a feature unavailable in the free versions of Spybot and Ad-aware). It’s still a beta release, but might be another good option.

Other spyware scanners
HijackThis — popular free spyware scanner.

port scanner – blue’s port scanner, currports

File Shredding

Once a file is deleted, its contents are often still recoverable. The success of recovering deleted data depends on how much use the disk has had since the file was deleted, but also on the motivation and resources of whoever is trying to recover the file.

This is good news in the case of an accidental file deletion by Joe User; if he acts sensibly (doesn’t use the file system in question and uses a file recovery program) he has a good chance of getting his file back. It’s also good news that the proper authorities can recover data from computers siezed from terrorists and criminals.

However, it can be bad news if someone else gets access to a hard drive that once contained your personal information, such as when you donate or sell an old computer. Identity theft is a growing problem that can make your life miserable for years to come. In situations like these, ensuring that your data has been permanently wiped away is critical.

For a Windows example, think of it like this: dragging a file to the “Recycle Bin” is similar to dropping a credit card statement in the waste basket — it can be simply be removed; actually deleting the file is similar to tearing the statement a couple times and dumping it in the trash; permanently shredding the file is like cross-cut shredding then burning the confetti remains of the statement. The process involves repeatedly overwriting your files, directories or folders, or entire hard drives with a pattern of data or simply random bits until recovery is nearly impossible.

Eraser is a popular, free file shredder, now being maintained by Heidi Computers in Ireland. Another free alternative is AnalogX’s SuperShredder. BCWipe by Jetico is another option. It’s free to evaluate, but if you continue to use it, a one-year license costs $39.95 or $19.95 for renewal (price is the same in Euros).

Password Tools

A strong password is typically defined as something that uses a combination of mixed case letters, numbers, and punctuation characters, is rather long, and contains no dictionary or obvious words.

We’re asked to enter passwords for dozens of websites and accounts. For them to be secure they have to be hard to remember. The downside is that they’re hard to remember.

Writing down our passwords isn’t normally a solution, since someone could see them. So a program to manage our passwords is in order. With these programs you enter a password (or use some biometric solution such as a thumbprint) to get access to your plethora of passwords and account information.

PasswordSafe is a free password manager that asks you to enter a main password that decrypts and allows you to see a list of accounts you’ve entered. You can double click the account to have the password copied to the clipboard, or actually display the password if needed. Good idea, good software.

PINs is another free password manager that works in a similar manner.

Another option is to store your passwords in an encrypted file.

Encryption

If you have nothing to hide, why would you want to encrypt your data? Well, for one thing, sending an email is similar to sending a post card; everyone between you and the recipient can read it. Also, keeping a company’s data encrypted unless actually in use helps ensure the security of sensitive business and customer data.

Gnu Privacy Guard is a GPL free replacement for the venerable PGP encryption program. It’s available for many systems and is very capable, but requires some knowledge that the average user won’t have.

AxCrypt is a good, free, encryption program that integrates with the Windows environment in addition to offering commandline encrypt/decrypt commands.

Truecrypt offers encrypted drive support. Once you create the encrypted drive (say, for example, at drive letter X:), you can simply drag and drop your files over to the encrypted volume. Everything stored there is encrypted.

Cryptainer LE allows you to send encrypted emails and create an encrypted disk to store your files. Free.